<?php
/**
 * WordPress User Page
 *
 * Handles authentication, registering, resetting passwords, forgot password,
 * and other user handling.
 *
 * @package WordPress
 */



if ( ! function_exists( 'ns_login_steps_content' ) ):
/**
 * Redirect to https login if forced to use SSL
 *
 * @since Twenty Eleven 1.0
 */
function ns_login_steps_content( $step ) {
	
//global $error, $is_iphone, $interim_login, $current_site;

switch ($step) {

case 'logout' :
	check_admin_referer('log-out');
	wp_logout();

	$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'login/?loggedout=true';
	wp_safe_redirect( $redirect_to );
	exit();

break;

case 'lostpassword' :
case 'retrievepassword' :

	$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);

	if ( empty($wp_error) )
		$wp_error = new WP_Error();
	
	if ( $http_post ) {
		$errors = retrieve_password();
		if ( !is_wp_error($errors) ) {
			$redirect_to = !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : 'login/?checkemail=confirm';
			wp_safe_redirect( $redirect_to );
			exit();
		}
	}

	if ( isset($_GET['error']) && 'invalidkey' == $_GET['error'] ) $errors->add('invalidkey', __('Sorry, that key does not appear to be valid.', ns_text_domaine));
	$redirect_to = apply_filters( 'lostpassword_redirect', !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' );

	do_action('lost_password');
	login_header(__('Lost Password', ns_text_domaine), '', $errors);

	$user_login = isset($_POST['user_login']) ? stripslashes($_POST['user_login']) : '';
	
	// In case a plugin uses $error rather than the $wp_errors object
	if ( !empty( $error ) ) {
		$wp_error->add('error', $error);
		unset($error);
	}
	
	if ( $wp_error->get_error_code() ) {
		$errors = '';
		$messages = '';
		foreach ( $wp_error->get_error_codes() as $code ) {
			$severity = $wp_error->get_error_data($code);
			foreach ( $wp_error->get_error_messages($code) as $error ) {
				if ( 'message' == $severity )
					$messages .= '	' . str_replace("wp-login.php", "login/", $error) . "<br />\n";
				else
					$errors .= '	' . str_replace("wp-login.php", "login/", $error) . "<br />\n";
			}
		}
		if ( !empty($errors) )
			echo '<div id="login_error" class="error">xx' . apply_filters('login_errors', $errors) . "</div>\n";
		if ( !empty($messages) )
			echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n";
	}

?>

<p><?php _e('Please enter your username or email address. You will receive a link to create a new password via email.', ns_text_domaine); ?></p>

<div id="login_content">	
	<div class="grid_8 alpha">
		<form class="big_clean" name="lostpasswordform" id="lostpasswordform" action="<?php echo home_url('login/?action=lostpassword', 'login_post') ?>" method="post">
		<div class="row">
			<label for="user_login"><?php _e('Username or E-mail:', ns_text_domaine) ?></label>
			<input type="text" name="user_login" id="user_login" class="input" value="<?php echo esc_attr($user_login); ?>" size="20" tabindex="10" /></label>
			<?php do_action('lostpassword_form'); ?>
		</div>
		
		<div class="row">
			<input type="submit" name="submit" id="submit" class="rounded" value="<?php esc_attr_e('Get New Password', ns_text_domaine); ?>">
		</div>
		
		<input type="hidden" name="redirect_to" value="<?php echo str_replace("/wp-admin", "", esc_attr( $redirect_to )); ?>" />

		</form>
		<p id="nav">
			<a href="<?php echo home_url('login/', 'login') ?>"><?php _e('Log in', ns_text_domaine) ?></a>
			<?php if (get_option('users_can_register')) : ?>
			 | <a href="<?php echo home_url('login/?action=register', 'login') ?>"><?php _e('Register', ns_text_domaine) ?></a>
			<?php endif; ?>
		</p>
	</div>

</div>
<!--End #login_content-->


<?php
login_footer('user_login');
break;

case 'resetpass' :
case 'rp' :
	$user = check_password_reset_key($_GET['key'], $_GET['login']);

	if ( is_wp_error($user) ) {
		wp_redirect( site_url('login/?action=lostpassword&error=invalidkey') );
		exit;
	}

	$errors = '';

	if ( isset($_POST['pass1']) && $_POST['pass1'] != $_POST['pass2'] ) {
		$errors = new WP_Error('password_reset_mismatch', __('The passwords do not match.', ns_text_domaine));
	} elseif ( isset($_POST['pass1']) && !empty($_POST['pass1']) ) {
		reset_password($user, $_POST['pass1']);
		login_header(__('Password Reset', ns_text_domaine), '<p class="message reset-pass">' . __('Your password has been reset.', ns_text_domaine) . ' <a href="' . site_url('login/', 'login') . '">' . __('Log in', ns_text_domaine) . '</a></p>');
		login_footer();
		exit;
	}

	wp_enqueue_script('utils');
	wp_enqueue_script('user-profile');

	login_header(__('Reset Password', ns_text_domaine), '', $errors );

?>

<p><?php _e('Enter your new password below.', ns_text_domaine); ?></p>

<div id="reset_password_content">	
	<div class="grid_16">
		<form class="big_clean" name="resetpassform" id="resetpassform" action="<?php echo home_url('login/?action=resetpass&key=' . urlencode($_GET['key']) . '&login=' . urlencode($_GET['login']), 'login_post') ?>" method="post">
		<div class="row">
			<label for="user_login"><?php _e('New password', ns_text_domaine) ?></label>
			<input type="password" name="pass1" id="pass1" class="rounded" size="20" value="" autocomplete="off" />
			<p>(Must be at least 4 characters, letters and numbers only.)</p>
		</div>
		
		<div class="row">
			<label for="user_email"><label><?php _e('Confirm new password', ns_text_domaine) ?></label>
			<input type="password" name="pass2" id="pass2" class="rounded" size="20" value="" autocomplete="off" />
			<p>We send your registration email to this address. (Double-check your email address before continuing.)</p>
		</div>
		
		<div class="row">
			<input type="submit" name="wp-submit" id="wp-submit" class="rounded" value="<?php esc_attr_e('Reset Password', ns_text_domaine); ?>" tabindex="100" />
		</div>
		
		<input type="hidden" id="user_login" value="<?php echo esc_attr( $_GET['login'] ); ?>" autocomplete="off" />

		</form>
		<p id="nav">
		<a href="<?php echo home_url('login/', 'login') ?>"><?php _e('Log in', ns_text_domaine) ?></a> |
		<a href="<?php echo home_url('login/?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found', ns_text_domaine) ?>"><?php _e('Lost your password?', ns_text_domaine) ?></a>
		</p>
	</div>

</div>
<!--End #reset_password_content-->


<?php
login_footer('user_pass');
break;

case 'register' :

	// Don't index any of these forms
	add_filter( 'pre_option_blog_public', '__return_zero' );
	add_action( 'login_head', 'noindex' );

	if ( empty($wp_error) )
		$wp_error = new WP_Error();

	if ( !get_option('users_can_register') ) {
		wp_redirect( site_url('login/?registration=disabled') );
		exit();
	}
	
	$user_login = '';
	$user_email = '';

	$http_post = ('POST' == $_SERVER['REQUEST_METHOD']);
	
	if ( $http_post ) {
		$user_login = $_POST['user_login'];
		$user_email = $_POST['user_email'];
		$errors = register_new_user($user_login, $user_email);
		if ( !is_wp_error($errors) ) {
			$redirect_to = !empty( $_POST['redirect_to'] ) ? $_POST['redirect_to'] : 'login/?checkemail=registered';
			wp_safe_redirect( $redirect_to );
			exit();
		}
	}

	$redirect_to = apply_filters( 'registration_redirect', !empty( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '' );
	
	login_header(__('Registration Form', ns_text_domaine), '', $errors);
	
	// In case a plugin uses $error rather than the $wp_errors object
	if ( !empty( $error ) ) {
		$wp_error->add('error', $error);
		unset($error);
	}
	
	if ( $wp_error->get_error_code() ) {
		$errors = '';
		$messages = '';
		foreach ( $wp_error->get_error_codes() as $code ) {
			$severity = $wp_error->get_error_data($code);
			foreach ( $wp_error->get_error_messages($code) as $error ) {
				if ( 'message' == $severity )
					$messages .= '	' . str_replace("wp-login.php", "login/", $error) . "<br />\n";
				else
					$errors .= '	' . str_replace("wp-login.php", "login/", $error) . "<br />\n";
			}
		}
		if ( !empty($errors) )
			echo '<div id="login_error" class="error">xx' . apply_filters('login_errors', $errors) . "</div>\n";
		if ( !empty($messages) )
			echo '<p class="message">' . apply_filters('login_messages', $messages) . "</p>\n";
	}
?>

<p><?php _e('With an Amawal account, you take part on the making of the berber dictionary!', ns_text_domaine) ?></p>

<div id="login_content">	
	<div class="grid_8 alpha">
		<form class="big_clean" name="registerform" id="registerform" action="<?php echo home_url('login/?action=register', 'login_post') ?>" method="post">
		<div class="row">
			<label for="user_login"><?php _e('Username', ns_text_domaine) ?></label>
			<input class="rounded" name="user_login" id="user_login" type="text" value="" size="40">
			<p>(Must be at least 4 characters, letters and numbers only.)</p>
		</div>
		
		<div class="row">
			<label for="user_email"><?php _e('E-mail', ns_text_domaine) ?></label>
			<input type="text" name="user_email" id="user_email" class="rounded" value="<?php echo esc_attr(stripslashes($user_email)); ?>" size="25" tabindex="20" />
			<p>We send your registration email to this address. (Double-check your email address before continuing.)</p>
		</div>
		
		<div class="row">
			<input type="submit" name="submit" id="submit" class="rounded" value="<?php esc_attr_e('Register', ns_text_domaine); ?>">
		</div>
		
		<input type="hidden" name="redirect_to" value="<?php echo str_replace("/wp-admin", "", esc_attr( $redirect_to )); ?>" />

		</form>
		<p id="nav">
		<a href="<?php echo home_url('login/', 'login') ?>"><?php _e('Log in', ns_text_domaine) ?></a> |
		<a href="<?php echo home_url('login/?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found', ns_text_domaine) ?>"><?php _e('Lost your password?', ns_text_domaine) ?></a>
		</p>
	</div>
	
	<?php if (function_exists('dynamic_sidebar') && dynamic_sidebar('janrain_widget')) : ?>
	<div class="grid_6 or_choice prefix_1 suffix_1">
		<h1><?php _e('..Or register with', ns_text_domaine) ?> ⇒</h1>
	</div>
	
	<div class="grid_8 omega janrain">
			<a onclick="showRPX('rpxlogin')" href="#" title="Home"><img src="<?php echo get_template_directory_uri(); ?>/images/janrain.png" /></a>	
	</div>
	<?php endif; ?>

</div>
<!--End #login_content-->


<?php
login_footer('user_login');
break;

case 'login' :
default:
	$secure_cookie = '';
	$interim_login = isset($_REQUEST['interim-login']);

	// If the user wants ssl but the session is not ssl, force a secure cookie.
	if ( !empty($_POST['log']) && !force_ssl_admin() ) {
		$user_name = sanitize_user($_POST['log']);
		if ( $user = get_userdatabylogin($user_name) ) {
			if ( get_user_option('use_ssl', $user->ID) ) {
				$secure_cookie = true;
				force_ssl_admin(true);
			}
		}
	}

	if ( isset( $_REQUEST['redirect_to'] ) ) {
		$redirect_to = $_REQUEST['redirect_to'];
		
		// if redirected while trying to add a relation to a word
		if ( isset( $_REQUEST['word_id'] ) ) $redirect_to .= '&word_id='.$_REQUEST['word_id'];
		
		// Redirect to https if user wants ssl
		if ( $secure_cookie && false !== strpos($redirect_to, 'wp-admin') )
			$redirect_to = preg_replace('|^http://|', 'https://', $redirect_to);
	} else {
		$redirect_to = admin_url();
	}

	$reauth = empty($_REQUEST['reauth']) ? false : true;

	// If the user was redirected to a secure login form from a non-secure admin page, and secure login is required but secure admin is not, then don't use a secure
	// cookie and redirect back to the referring non-secure admin page.  This allows logins to always be POSTed over SSL while allowing the user to choose visiting
	// the admin via http or https.
	if ( !$secure_cookie && is_ssl() && force_ssl_login() && !force_ssl_admin() && ( 0 !== strpos($redirect_to, 'https') ) && ( 0 === strpos($redirect_to, 'http') ) )
		$secure_cookie = false;

	$user = wp_signon('', $secure_cookie);

	$redirect_to = apply_filters('login_redirect', $redirect_to, isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : '', $user);

	if ( !is_wp_error($user) && !$reauth ) {
		if ( $interim_login ) {
			$message = '<p class="message">' . __('You have logged in successfully.', ns_text_domaine) . '</p>';
			login_header( '', $message ); ?>
			<script type="text/javascript">setTimeout( function(){window.close()}, 8000);</script>
			<p class="alignright">
			<input type="button" class="button-primary" value="<?php esc_attr_e('Close', ns_text_domaine); ?>" onclick="window.close()" /></p>
			</div></body></html>
<?php		exit;
		}

		if ( ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) ) {
			// If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
			if ( is_multisite() && !get_active_blog_for_user($user->id) && !is_super_admin( $user->id ) )
				$redirect_to = user_admin_url();
			elseif ( is_multisite() && !$user->has_cap('read') )
				$redirect_to = get_dashboard_url( $user->id );
			elseif ( !$user->has_cap('edit_posts') )
				$redirect_to = admin_url('profile.php');
		}
		wp_safe_redirect($redirect_to);
		exit();
	}

	$errors = $user;
	// Clear errors if loggedout is set.
	if ( !empty($_GET['loggedout']) || $reauth )
		$errors = new WP_Error();

	// If cookies are disabled we can't log in even with a valid user+pass
	if ( isset($_POST['testcookie']) && empty($_COOKIE[TEST_COOKIE]) )
		$errors->add('test_cookie', __("<strong>ERROR</strong>: Cookies are blocked or not supported by your browser. You must <a href='http://www.google.com/cookies.html'>enable cookies</a> to use WordPress.", ns_text_domaine));

	// Some parts of this script use the main login form to display a message
	if		( isset($_GET['loggedout']) && TRUE == $_GET['loggedout'] )
		$errors->add('loggedout', __('You are now logged out.', ns_text_domaine), 'message');
	elseif	( isset($_GET['registration']) && 'disabled' == $_GET['registration'] )
		$errors->add('registerdisabled', __('User registration is currently not allowed.', ns_text_domaine));
	elseif	( isset($_GET['checkemail']) && 'confirm' == $_GET['checkemail'] )
		$errors->add('confirm', __('Check your e-mail for the confirmation link.', ns_text_domaine), 'message');
	elseif	( isset($_GET['checkemail']) && 'newpass' == $_GET['checkemail'] )
		$errors->add('newpass', __('Check your e-mail for your new password.', ns_text_domaine), 'message');
	elseif	( isset($_GET['checkemail']) && 'registered' == $_GET['checkemail'] )
		$errors->add('registered', __('Registration complete. Please check your e-mail.', ns_text_domaine), 'message');
	elseif	( $interim_login )
		$errors->add('expired', __('Your session has expired. Please log-in again.', ns_text_domaine), 'message');

	// Clear any stale cookies.
	if ( $reauth )
		wp_clear_auth_cookie();

	login_header(__('Log In', ns_text_domaine), '', $errors);

	if ( isset($_POST['log']) )
		$user_login = ( 'incorrect_password' == $errors->get_error_code() || 'empty_password' == $errors->get_error_code() ) ? esc_attr(stripslashes($_POST['log'])) : '';
	$rememberme = ! empty( $_POST['rememberme'] );
?>

<p><?php _e('If you already have an account please login using your account details, if not, then please register to have full access.', ns_text_domaine) ?></p>

<div id="login_content">	
	<div class="grid_8 alpha">
		<form class="big_clean" name="loginform" id="loginform" action="<?php echo home_url('login/', 'login_post') ?>" method="post">
		<div class="row">
			<label for="log"><?php _e('Username', ns_text_domaine) ?></label>
			<input class="rounded" name="log" id="user_login" type="text" value="" size="40">
		</div>
		
		<div class="row">
			<label for="pwd"><?php _e('Password', ns_text_domaine) ?></label>
			<input class="rounded" type="password" name="pwd" id="user_pass" value="" size="40">
		</div>
		
		<div class="row">
			
			<label for="rememberme"><input name="rememberme" type="checkbox" id="rememberme" value="forever" tabindex="90"<?php checked( $rememberme ); ?> /><?php esc_attr_e('Remember Me', ns_text_domaine); ?></label>
		</div>
		
		<div class="row">
			<input type="submit" name="submit" id="submit" class="rounded" value="<?php _e( 'Log In', ns_text_domaine ); ?>">
		</div>
		
		<?php	if ( $interim_login ) { ?>
		<input type="hidden" name="interim-login" value="1" />
		<?php	} else { ?>
				<input type="hidden" name="redirect_to" value="<?php echo str_replace("/wp-admin", "", esc_attr( $redirect_to )); ?>" />
		<?php 	} ?>
		<input type="hidden" name="testcookie" value="1" />
		<input type="hidden" name="echooo" value="<?php echo $redirect_to; ?>" />

		</form>
		
		<?php if ( !$interim_login ) { ?>
		<p id="nav">
		<?php if ( isset($_GET['checkemail']) && in_array( $_GET['checkemail'], array('confirm', 'newpass') ) ) : ?>
		<?php elseif ( get_option('users_can_register') ) : ?>
		<a href="<?php echo home_url('login/?action=register', 'login') ?>"><?php _e('Register', ns_text_domaine) ?></a> |
		<a href="<?php echo home_url('login/?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found', ns_text_domaine) ?>"><?php _e('Lost your password?', ns_text_domaine) ?></a>
		<?php else : ?>
		<a href="<?php echo home_url('login/?action=lostpassword', 'login') ?>" title="<?php _e('Password Lost and Found', ns_text_domaine) ?>"><?php _e('Lost your password?', ns_text_domaine) ?></a>
		<?php endif; ?>
		</p>
		<?php } ?>

	</div>
	
	<?php if (function_exists('dynamic_sidebar') && dynamic_sidebar('janrain_widget')) : ?>
	<div class="grid_6 or_choice prefix_1 suffix_1">
		<h1><?php _e('..Or use your account in one of this websites to login', ns_text_domaine) ?> ⇒</h1>
	</div>
	
	<div class="grid_8 omega janrain">
		
			<a onclick="showRPX('rpxlogin')" href="#" title="Home"><img src="<?php echo get_template_directory_uri(); ?>/images/janrain.png" /></a>		
		
	</div>
	<?php endif; ?>

</div>
<!--End #login_content-->

<script type="text/javascript">
function wp_attempt_focus(){
setTimeout( function(){ try{
<?php if ( $user_login || $interim_login ) { ?>
d = document.getElementById('user_pass');
d.value = '';
<?php } else { ?>
d = document.getElementById('user_login');
<?php if ( 'invalid_username' == $errors->get_error_code() ) { ?>
if( d.value != '' )
d.value = '';
<?php
}
}?>
d.focus();
d.select();
} catch(e){}
}, 200);
}

<?php if ( !$error ) { ?>
wp_attempt_focus();
<?php } ?>
if(typeof wpOnload=='function')wpOnload();
</script>

<?php
login_footer();
break;
} // end action switch;
	
}
endif; // ns_login_steps_content